Secure Users, Devices & Apps With Duo’s Trusted Access Platform

Do you have a Bring Your Own Device (BYOD) policy? Most organizations do. Do you have the ability to control what a BYOD can access without complex agents while providing access from anywhere, anytime? Most organizations can only dream of this scenario, and until now, it may have been impossible.

What is Trusted Access?

Trusted Access is the concept of verifying the trust of users and devices before granting access to business applications.

Traditionally, users worked from one location (the office) on IT-owned and managed workstations, accessing on-premises apps and systems housed in data centers. But nowadays, users work from many different remote locations using a diverse set of devices, including their personal laptops, tablets, PCs and mobile phones. They connect to web-based business apps with no defined network perimeter to access work resources and company data.

That means new threats have evolved to match, often targeting outdated operating systems, browsers and Flash and Java plugins on users’ unmanaged devices. IT departments don’t have the same level of insight into these devices as they used to - making it difficult to regulate which devices are allowed to connect to business apps, and opening up companies to malware infection and a potential compromise.

Duo’s Trusted Access Solutions

Duo Access provides a Trusted Access protection model to ensure users are who they say they are with two-factor authentication. To verify the trust of devices, we give you complete visibility into all of your endpoints, while identifying outdated devices and empowering users to update.

You can also create custom access and authentication policies based on data-rich reporting, while tracking the latest software vendor-released versions of Flash, Java, browsers and more. Read on for more details on all of the different Access features designed to ensure Trusted Access.

Notifying Users to Update Devices

In December of 2015, Duo released a new feature called Self-Remediation, which helps users update their devices by informing them about out-of-date browsers and plugins, without requiring any agents. Our customers wanted the ability to control access to applications based on the security hygiene of those devices.

For example, if a device’s browser is more than one month out of date, you can block it from accessing certain applications until it’s updated, by creating a policy with our Endpoint Remediation feature.

This is one of the key parts of Trusted Access - with Duo’s service, you can now ensure all devices, both managed and unmanaged, have good security hygiene and are up to date, all without the use of agents.

Controlling Access To Managed Applications

As the administrator, you can control all access by devices, corporate-owned or BYOD, to applications you manage. You set policies based on device OS, software and plugin information that you’re comfortable with, and Duo takes care of the rest.

Do you have different update levels that you want to maintain for different applications, users, or groups? No problem! Don’t know what the latest version numbers are? We’ve taken care of that for you as well. Did a new update just come out? Our Policy and Controls feature enables you to keep your environment up to date automatically, saving you time and manual effort.

It’s that simple. Our goal is to ensure that only devices that you trust are allowed to access your data and applications.

Duo worked with end users and IT administrators across countless organizations to understand the most optimal workflows that enable Trusted Access. Administrators want to control access, and avoid frustrating their users.

This is a win for both sides - users are able to maintain exclusive control of their device by controlling when and how they’re updated, while administrators are able to control access to applications they manage.

Assess & Remediate Device Security Quickly With Trending Reports

Interactive reporting gives you insight into any device that connects to your applications, regardless if it’s BYOD or corporate-owned, laptop, desktop, or mobile device, with our Device Insight feature that gathers data on OS, browser, platform and plugin versions.

As an administrator, you’ll see how endpoints update based on trending information, and you can take immediate action on the information.

For example, a new version of Flash was released that patched a zero day, and you’d like to see how many users have adopted this new version of Flash and how quickly. We provide this data over various timeframes so you can take action directly using our Device Insight feature.

Need an iron fist? No problem! You’re one click away from creating a policy that ensures only those devices that you trust can access your applications. Prefer a softer approach? With just one click, you can encourage your users to update via email.

We continuously look for unique ways to help IT administrators solve the problems they face. Duo Access affords you control over your applications, and your end users will love it because it requires no agents on their personal devices. Sign up with Duo to leverage our Duo Access to protect your users and devices today.